<?php
	$table="quyen";
	include("../../include/dbconnect.php");
	$un=$_GET["un"];
	$page=(int)$_POST["page"];
	if($page==0) $page=1;
	
	$rp=(int)$_POST["rp"];
	if($rp==0) $rp=15;
	
	$sidx = $_POST['sortname'];  
	$sord = $_POST['sortorder'];  
	if($sidx=="") $sidx =1;  

	$query = $_POST['query'];
	$qtype = $_POST['qtype'];
	
	$where = "";
	if($query) $where = " WHERE $table.$qtype LIKE '%$query%' ";
	if($un) $where=$where.(($where=="")?"WHERE un='$un'":"and un='$un'");
	$result = mysql_query("SELECT COUNT(*) AS count FROM modules",$conn) ;
	$row = mysql_fetch_array($result);  
	$count = $row['count']; 
	mysql_free_result($result);
 
	$start = (($page-1) * $rp);
	$sql1="select * from modules";

 	$rs1=mysql_query($sql1,$conn) or die($sql1);

    header("Content-type: text/xml"); 
	echo "<?xml version='1.0' encoding='utf-8' ?>"; 
	echo "<rows>"; 
	echo "<page>".$page."</page>"; 
	echo "<total>".$count."</total>"; 
 
	while($row = mysql_fetch_array($rs1)) { 

		$SQL="SELECT * from $table where mamod='".$row['ma']."' and un='$un'";

		$result = mysql_query($SQL,$conn) or die("Lỗi hệ thống trong module $table".$SQL);  
		
		if($quyen=mysql_fetch_array($result))
		{	
			echo "<row id='".$quyen["id"]."'>"; 
			echo "<cell>".$quyen['id']."</cell>";
			echo "<cell>".$row['ma']."</cell>";
			echo "<cell>".$row['ma']."</cell>";
			echo "<cell>".$quyen['select_r']."</cell>";
			echo "<cell>".$quyen['insert_r']."</cell>";
			echo "<cell>".$quyen['update_r']."</cell>";
			echo "<cell>".$quyen['delete_r']."</cell>";
			echo "</row>"; 
		}
		elseif($un!="admin")
		{
			echo "<row id='".$un.$row['ma']."'>"; 
			echo "<cell>".$un.$row['ma']."</cell>";
			echo "<cell>".$row['ma']."</cell>";
			echo "<cell>".$row['ma']."</cell>";
			echo "<cell>K</cell>";
			echo "<cell>K</cell>";
			echo "<cell>K</cell>";
			echo "<cell>K</cell>";
			echo "</row>"; 		
		}
		else
		{
			echo "<row id='".$un.$row['ma']."'>"; 
			echo "<cell>".$un.$row['ma']."</cell>";
			echo "<cell>".$row['ma']."</cell>";
			echo "<cell>".$row['ma']."</cell>";
			echo "<cell>C</cell>";
			echo "<cell>C</cell>";
			echo "<cell>C</cell>";
			echo "<cell>C</cell>";
			echo "</row>"; 		
		}
		mysql_free_result($result);
	}
echo "</rows>"; 
mysql_free_result($rs1);
include("../../include/dbclose.php");
?>
